|
| 1 | +--- |
| 2 | +title: "Azure Operator Nexus: Cannot create Neighbor Group(s)" |
| 3 | +description: Learn how to troubleshoot Neighbor Group creation issues. |
| 4 | +author: benhurj |
| 5 | +ms.author: bejohnson |
| 6 | +ms.service: azure-operator-nexus |
| 7 | +ms.custom: azure-operator-nexus |
| 8 | +ms.topic: troubleshooting |
| 9 | +ms.date: 11/12/2024 |
| 10 | +# ms.custom: template-include |
| 11 | +--- |
| 12 | + |
| 13 | +# Overview |
| 14 | + |
| 15 | +The user faces issues creating Neighbor Group resources in the Azure portal due to an AuthorizationFailed error for the Microsoft.Resources/deployments/action permission, which appears invalid. Additionally, the portal adds an empty ipv6Addresses array by default, causing further errors. |
| 16 | + |
| 17 | +## Diagnosis |
| 18 | + |
| 19 | +* Customer tries to create Neighbor Group resources for NPB using the portal. Note that creation of Neighbor Groups is successful when using the az cli. |
| 20 | +* The following authorization error is receieved `The user does not have access for authorization to perform action 'Microsoft.Resources/deployments/action' over scope '/subscriptions/12768799-47d2-4435-aad8-c263bf62be01/providers/Microsoft.Resources/deployments/register' or the scope is invalid. If access was recently granted, please refresh your credentials. (Code: AuthorizationFailed) [ Error code: AuthorizationFailed ]'` |
| 21 | +* Customer tries to grant access to the action `Microsoft.Resources/deployments/action` however this is not a valid permission according to Azure |
| 22 | +* Customer is also failing to enable Network Tap Rule from the portal |
| 23 | +* Inspecting the Neighbor Group shows that certain fields are being set when not specified, for example the customer only specified ipv4 address, but the `ipv6Addresses` field is being set. |
| 24 | + |
| 25 | +## Mitigation steps |
| 26 | + |
| 27 | +Follow these steps for mitigation. |
| 28 | + |
| 29 | +### Use Az CLI to deploy the resource |
| 30 | + |
| 31 | + ```bash |
| 32 | + az deployment group create \ |
| 33 | + --resource-group <resource-group-name> \ |
| 34 | + --template-file <template-file.json or .bicep> \ |
| 35 | + --parameters <parameters-file.json> |
| 36 | + ``` |
| 37 | + |
| 38 | +## Verification |
| 39 | + |
| 40 | +Check the portal to see whether the resource has been created as expected. |
| 41 | + |
| 42 | +## Related content |
| 43 | + |
| 44 | +- If you still have questions, contact [Azure support](https://portal.azure.com/?#blade/Microsoft_Azure_Support/HelpAndSupportBlade). |
| 45 | +- For more information about support plans, see [Azure support plans](https://azure.microsoft.com/support/plans/response/). |
0 commit comments